|
[openbeos]
||
[Date Prev]
[05-2003 Date Index]
[Date Next]
||
[Thread Prev]
[05-2003 Thread Index]
[Thread Next]
[openbeos] Re: status of OpenBeOS
- From: "Axel Dörfler" <axeld@xxxxxxxxxxxxxxxx>
- To: openbeos@xxxxxxxxxxxxx
- Date: Mon, 05 May 2003 02:34:43 +0200 CEST
Tom Young <ores@xxxxxxxxxxxx> wrote:
> For running simple servers like web, http, ftp etc. All thats
> required
> is that the user can't run any unallowed applications. I think if
> this
> is a problem, then OpenBeOS R1 isn't the right solution. But take the
> cvs example, if you give them a shell where all they can run is cvs,
> then its as secure as cvs is, not ideal in the long term since any
> local
> user overflow can then become 'root', but I would find this more than
> acceptable for an R1.
>
> The only extra work that would be required would be setting up the
> group/user access so that remote users don't have an privillage to
> execute arbitary code, or code thats designed for the local user
> only.
> I think the effort would be in setting the permissions correctly in
> the
> distro, and the code changes should be minimal, and could be confined
> to
> userland programmes to set the correct mask.
OpenBeOS R1 will closely follow the security model as found in current
BeOS, that's a sure thing. R2 will have much better capabilities here,
and that's a sure thing as well, as long as I keep working on the
kernel :-)
Adios...
Axel.
|
|
